Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/56d828bf-81fa-4253-8691-f9c277ca84ba.roa
File:                     56d828bf-81fa-4253-8691-f9c277ca84ba.roa (raw, json)
Hash identifier:          syUthKv1w6dvjP/JdYq/E55cmUED73UM8BEm0x66g7g=
Subject key identifier:   85:6D:08:48:51:55:D3:6B:54:5F:DE:82:A1:A7:55:51:E5:78:5A:2F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7570513CE904CB60D05D1E3B61B8259219F9293B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/56d828bf-81fa-4253-8691-f9c277ca84ba.roa
Signing time:             Fri 26 Sep 2025 16:07:27 +0000
ROA not before:           Fri 26 Sep 2025 16:07:27 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     6167
IP address blocks:        155.146.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:70:51:3c:e9:04:cb:60:d0:5d:1e:3b:61:b8:25:92:19:f9:29:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 26 16:07:27 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=3a02290c71421cbd252cdd64017c923355bf486a04e25db50f0a1f9b48df4d3c, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:82:91:7e:fc:1b:f0:f0:a8:46:d1:fc:22:13:
                    0a:12:ae:16:7c:92:e6:e3:eb:2b:0c:ae:eb:91:c0:
                    16:53:cd:0f:0d:8e:ec:c2:f6:ab:75:4e:20:61:22:
                    d1:27:12:c5:60:52:fc:10:45:d0:c6:8d:8b:3d:95:
                    61:8e:ee:60:81:a9:14:29:19:4d:38:6f:40:61:a5:
                    d3:8f:d6:72:b5:00:4f:6a:e9:c5:11:79:82:e5:e6:
                    62:c3:db:bb:6c:69:36:cd:96:cc:0a:16:d7:8f:79:
                    14:de:33:3d:b4:94:0b:20:fc:03:f0:8a:0b:91:e1:
                    15:e2:a5:21:1d:6c:32:8f:18:1b:32:28:c2:92:96:
                    5d:d4:f2:13:a4:41:73:fd:4f:94:92:7d:0b:56:0b:
                    00:63:9f:07:3d:df:fe:7b:93:0d:47:2f:29:4e:2f:
                    aa:47:60:96:5c:e4:de:28:8a:17:77:8c:39:ca:bd:
                    48:73:ac:6c:fe:ce:52:b8:e0:69:3e:07:41:f8:e4:
                    66:85:84:fb:1a:f9:ec:1a:59:fc:07:33:f5:b3:e7:
                    07:ac:37:d8:ce:62:5d:8c:ad:76:40:be:c0:1f:07:
                    5c:43:fa:c6:ae:dc:06:8c:33:bc:61:08:a9:1e:5f:
                    1b:c1:c9:19:1e:20:8c:f6:d9:5d:44:7f:ac:c9:5c:
                    ca:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:6D:08:48:51:55:D3:6B:54:5F:DE:82:A1:A7:55:51:E5:78:5A:2F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/56d828bf-81fa-4253-8691-f9c277ca84ba.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  155.146.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         43:b4:22:d5:a0:54:83:93:c7:2c:08:ea:e3:6a:b9:3b:ab:3e:
         53:1a:7c:d7:f6:e6:30:93:c4:5d:b5:cc:b3:d0:6c:f3:3d:7d:
         70:c8:e2:1e:99:7a:8a:69:b5:c5:2c:0c:c9:5f:ab:df:12:76:
         e5:5d:c5:06:ae:df:fb:9f:7e:69:fa:f5:08:6a:47:c9:19:ee:
         e6:0e:94:d5:69:dc:0d:6f:56:e4:23:5a:51:75:88:fe:3f:11:
         77:29:2b:d0:e9:68:43:09:3f:8f:d9:8b:ce:b2:d1:ba:82:14:
         10:89:c4:3e:c8:9f:a0:ef:e3:13:25:e1:e0:7a:b9:f9:64:06:
         6b:31:d6:7b:1b:48:0f:a8:66:8c:6e:a4:3a:40:3f:4b:93:5f:
         05:39:1c:09:fe:9d:ee:35:73:07:bc:bd:a1:d0:2b:44:d5:25:
         61:ac:53:4e:04:ea:0d:84:e9:85:30:e6:f7:fc:2a:b0:a8:e4:
         7a:8e:2c:c8:07:77:ea:ff:d5:a9:09:9a:49:77:7a:e8:f4:e6:
         9d:47:81:a3:a7:34:24:8f:e5:cb:01:fa:f0:48:02:7c:3f:2e:
         a4:d2:6b:70:87:09:12:44:14:b8:98:a4:1c:8c:77:8a:64:c2:
         e6:fd:b6:12:10:36:3f:78:62:3d:2f:45:35:3e:68:30:f2:d6:
         1c:cd:d1:ae
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdXBRPOkEy2DQXR47Ybglkhn5KTswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI2MTYwNzI3WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AzYTAyMjkwYzcxNDIxY2JkMjUyY2RkNjQwMTdjOTIzMzU1
YmY0ODZhMDRlMjVkYjUwZjBhMWY5YjQ4ZGY0ZDNjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+gpF+/Bvw8KhG0fwiEwoSrhZ8kubj6ysMruuRwBZTzQ8N
juzC9qt1TiBhItEnEsVgUvwQRdDGjYs9lWGO7mCBqRQpGU04b0BhpdOP1nK1AE9q
6cUReYLl5mLD27tsaTbNlswKFtePeRTeMz20lAsg/APwiguR4RXipSEdbDKPGBsy
KMKSll3U8hOkQXP9T5SSfQtWCwBjnwc93/57kw1HLylOL6pHYJZc5N4oihd3jDnK
vUhzrGz+zlK44Gk+B0H45GaFhPsa+ewaWfwHM/Wz5wesN9jOYl2MrXZAvsAfB1xD
+sau3AaMM7xhCKkeXxvByRkeIIz22V1Ef6zJXMrVAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUhW0ISFFV02tUX96CoadVUeV4Wi8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU2ZDgyOGJmLTgxZmEtNDI1My04NjkxLWY5YzI3N2NhODRiYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCbkjANBgkqhkiG9w0BAQsFAAOCAQEAQ7Qi1aBUg5PHLAjq42q5O6s+Uxp8
1/bmMJPEXbXMs9Bs8z19cMjiHpl6imm1xSwMyV+r3xJ25V3FBq7f+59+afr1CGpH
yRnu5g6U1WncDW9W5CNaUXWI/j8Rdykr0OloQwk/j9mLzrLRuoIUEInEPsifoO/j
EyXh4Hq5+WQGazHWextID6hmjG6kOkA/S5NfBTkcCf6d7jVzB7y9odArRNUlYaxT
TgTqDYTphTDm9/wqsKjkeo4syAd36v/VqQmaSXd66PTmnUeBo6c0JI/lywH68EgC
fD8upNJrcIcJEkQUuJikHIx3imTC5v22EhA2P3hiPS9FNT5oMPLWHM3Rrg==
-----END CERTIFICATE-----